module.exports = (viewIds) => {
  return async (ctx, next) => {
    // 登录获取用户的id  √
    // 根据id 获取对应的权限  sql
    let sql = `select user.uid,user.name ,roles.text,roles.\`view\` from user_roles 
     LEFT JOIN user ON  
     user.uid=user_roles.uid
     LEFT JOIN roles
     ON user_roles.roleid = roles.roleid
     where user.uid=${ctx.uid};
`;
    let res = await ctx.db.execute(sql);
    console.log(res);
    if (res.length === 0) {
      ctx.status = 403;
      return ctx.body = {
        code: -1,
        msg: '无权限'
      };
    }
    let flag = res.some(item => {
      let index = viewIds.findIndex(viewId => viewId === item.view);
      return index !== -1;
    });
    if (flag) {
      next();
    } else {
      ctx.status = 403;
      return ctx.body = {
        code: -1,
        msg: '无权限'
      };
    }
    // 有   next()
    // 没有  // 403
  };
};
